Enabling Graphics for the BOINC daemon on Linux

When BOINC is installed on Linux as a system service (a "daemon") you need to give
the 'boinc' user explicit permission to display graphics on your
screen.
This page describes the proceedure for doing so.

THIS PAGE IS OUTDATED AS OF BOINC 6

Last modified:
3 March 2010

The X Window system used by Linux has strict security settings which
prevent one user from displaying a window on the screen of another
user.
This is good under normal circumstances, but it prevents BOINC, when
running as a system service (a Unix "daemon"), from displaying the graphics
created by a running BOINC application.
This page tells you how you can grant permission to the 'boinc' user
to display such graphics on your window display.

In what follows % represents the command prompt for a
non-privledged user (like your own user account, or the 'boinc' account),
while # represents the command prompt for the 'root' user.
In either case, you don't type it. Just type the command which
follows the prompt.

Log in to your personal account (the one you want to be able to
view the graphics) and open a command shell. Extract the
authentication token for your primary X Windows display with the command:

% xauth extract /tmp/XKEY $DISPLAY

Make sure the file /tmp/XKEY can be read by the 'boinc' user:

% chmod +r /tmp/XKEY

Change to the 'boinc' account for the next step. If you have
given the 'boinc' account a password then you can use the su
command directly:

% su - boinc
Password:
%

Or you can log out and log in as 'boinc'.
If you have not given the 'boinc' account a password then you have to
first become 'root' and then 'su' to the 'boinc' account:

% su
Password:
# su - boinc
%

Import the authenticication token from the XKEY file
with the command:

% xauth merge /tmp/XKEY

This allows a program running as the 'boinc' user to create a window
on the display owned by your own user account (the display associated
with the token in the XKEY file).

Exit the command shell which runs as the 'boinc' user (with the
`exit` command -- twice if you had to become 'root' first).
Then delete the intermediate file /tmp/XKEY, so that nobody else
can use it to access your display.

% rm /tmp/XKEY

Only the user who created this file can delete this file.

You will need to stop and restart the 'boinc' daemon for this
change to take effect. But after that, you will always be able to
use the "show graphics" button. Unfortunately, you will have to go
through this whole procedure again whenever you reboot the computer.

It may be possible to write a script to do these steps for a user,
but it would still need to prompt for the appropriate passwords.

The "right" way to do this someday is to have the BOINC Manager run the
xauth extract command to extract the authentication token to
a temporary file, then pass an RPC to the boinc_client telling it
where the file is so that it can run the xauth merge command.
This will hopefully be incorporated into the BOINC software in a
future release.
[an error occurred while processing this directive]